Apple released 11 Quicktime patches

Apple released 11 patches for its QuickTime multimedia program on Wednesday, fixing a variety of problems that could allow a hacker to execute malicious code on a machine.

It's at least the sixth time Apple has patched QuickTime since October, as researchers and hackers have been closely examining media players for vulnerabilities. As operating systems have become more secure, vulnerabilities in applications have become a favored route to break into a PC.

The patches address security issues, enhance reliability and improve the compatibility of QuickTime with third-party applications, Apple said.

Apple credited identification of more than half of the problems described to TippingPoint, a security vendor that runs Zero Day Initiative, a program that rewards researchers for finding vulnerabilities.

Many of the problems with QuickTime occur when the application opens a movie that has been specially crafted to take advantage of flaws in the software. Several of the vulnerabilities are buffer overflows, where a problem with an application's use of memory can be exploited in order to run other code.

The up-to-date version of QuickTime is now 7.4.5. Apple's Software Update function will download the new patches for computers running Windows and Apple's Mac OS X.